X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foc.c;h=2d7c6ce097274af7dd4b5327a207e25eab7ddd23;hb=925714ceeff035c596ad3d3c899ff631986c6757;hp=136170668753421d9c3e8e055853378790889840;hpb=439c0c796ded2be4d3236b981eb20eb2992402df;p=openldap diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c index 1361706687..2d7c6ce097 100644 --- a/servers/slapd/oc.c +++ b/servers/slapd/oc.c @@ -1,7 +1,7 @@ /* oc.c - object class routines */ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -17,21 +17,34 @@ #include "ldap_pvt.h" int is_object_subclass( - ObjectClass *sub, - ObjectClass *sup ) + ObjectClass *sup, + ObjectClass *sub ) { int i; + if( sub == NULL || sup == NULL ) return 0; + +#if 1 +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ARGS, + "is_object_subclass(%s,%s) %d\n", + sup->soc_oid, sub->soc_oid, sup == sub ); +#else + Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n", + sup->soc_oid, sub->soc_oid, sup == sub ); +#endif +#endif + if( sup == sub ) { return 1; } - if( sup->soc_sups == NULL ) { + if( sub->soc_sups == NULL ) { return 0; } - for( i=0; sup->soc_sups[i] != NULL; i++ ) { - if( is_object_subclass( sup->soc_sups[i], sup ) ) { + for( i=0; sub->soc_sups[i] != NULL; i++ ) { + if( is_object_subclass( sup, sub->soc_sups[i] ) ) { return 1; } } @@ -41,32 +54,22 @@ int is_object_subclass( int is_entry_objectclass( Entry* e, -#ifdef SLAPD_SCHEMA_NOT_COMPAT - ObjectClass *oc -#else - const char* oc -#endif -) + ObjectClass *oc, + int set_flags ) { Attribute *attr; -#ifdef SLAPD_SCHEMA_NOT_COMPAT - int i; + struct berval *bv; AttributeDescription *objectClass = slap_schema.si_ad_objectClass; assert(!( e == NULL || oc == NULL )); -#else - struct berval bv; - static const char *objectClass = "objectclass"; - assert(!( e == NULL || oc == NULL || *oc == '\0' )); -#endif - if( e == NULL || oc == NULL -#ifndef SLAPD_SCHEMA_NOT_COMPAT - || *oc == '\0' -#endif - ) { + if( e == NULL || oc == NULL ) { return 0; } + if( set_flags && ( e->e_ocflags & SLAP_OC__END )) { + return (e->e_ocflags & oc->soc_flags) ? 1 : 0; + } + /* * find objectClass attribute */ @@ -74,148 +77,40 @@ int is_entry_objectclass( if( attr == NULL ) { /* no objectClass attribute */ +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "is_entry_objectclass: dn(%s), oid (%s), no objectClass " + "attribute.\n", e->e_dn == NULL ? "" : e->e_dn, + oc->soc_oclass.oc_oid, 0 ); +#else Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") " "no objectClass attribute\n", - e->e_dn == NULL ? "" : e->e_dn, oc, 0 ); + e->e_dn == NULL ? "" : e->e_dn, + oc->soc_oclass.oc_oid, 0 ); +#endif return 0; } -#ifdef SLAPD_SCHEMA_NOT_COMPAT - for( i=0; attr->a_vals[i]; i++ ) { - ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val ); + for( bv=attr->a_vals; bv->bv_val; bv++ ) { + ObjectClass *objectClass = oc_bvfind( bv ); - if( objectClass == oc ) { + if ( objectClass == oc && !set_flags ) { return 1; } + + if ( objectClass != NULL ) { + e->e_ocflags |= objectClass->soc_flags; + } } + e->e_ocflags |= SLAP_OC__END; /* We've finished this */ - return 0; - -#else - bv.bv_val = (char *) oc; - bv.bv_len = strlen( bv.bv_val ); - - if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) { - /* entry is not of this objectclass */ - return 0; - } - - return 1; -#endif -} - - -#ifndef SLAPD_SCHEMA_NOT_COMPAT - /* these shouldn't be hardcoded */ - -static char *oc_op_usermod_attrs[] = { - /* - * these are operational attributes which are - * not defined as NO-USER_MODIFICATION and - * which slapd supports modification of. - * - * Currently none. - * Likely candidate, "aci" - */ - NULL -}; - -static char *oc_op_attrs[] = { - /* - * these are operational attributes - * most could be user modifiable - */ - "objectClasses", - "attributeTypes", - "matchingRules", - "matchingRuleUse", - "dITStructureRules", - "dITContentRules", - "nameForms", - "ldapSyntaxes", - "namingContexts", - "supportedExtension", - "supportedControl", - "supportedSASLMechanisms", - "supportedLDAPversion", - "supportedACIMechanisms", - "subschemaSubentry", /* NO USER MOD */ - NULL - -}; - -/* this list should be extensible */ -static char *oc_op_no_usermod_attrs[] = { - /* - * Operational and 'no user modification' attributes - * which are STORED in the directory server. - */ - - /* RFC2252, 3.2.1 */ - "creatorsName", - "createTimestamp", - "modifiersName", - "modifyTimestamp", - - NULL -}; - - -/* - * check to see if attribute is 'operational' or not. - */ -int -oc_check_op_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_attrs, type ) - || charray_inlist( oc_op_usermod_attrs, type ) - || charray_inlist( oc_op_no_usermod_attrs, type ); -#else - AttributeType *at = at_find( type ); - - if( at == NULL ) return 0; - - return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS; -#endif -} - -/* - * check to see if attribute can be user modified or not. - */ -int -oc_check_op_usermod_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_usermod_attrs, type ); -#else - /* not (yet) in schema */ - return 0; -#endif -} - -/* - * check to see if attribute is 'no user modification' or not. - */ -int -oc_check_op_no_usermod_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_no_usermod_attrs, type ); -#else - AttributeType *at = at_find( type ); - - if( at == NULL ) return 0; - - return at->sat_no_user_mod; -#endif + return (e->e_ocflags & oc->soc_flags); } -#endif struct oindexrec { - char *oir_name; + struct berval oir_name; ObjectClass *oir_oc; }; @@ -225,31 +120,38 @@ static ObjectClass *oc_list = NULL; static int oc_index_cmp( struct oindexrec *oir1, - struct oindexrec *oir2 -) + struct oindexrec *oir2 ) { - assert( oir1->oir_name ); - assert( oir1->oir_oc ); - assert( oir2->oir_name ); - assert( oir2->oir_oc ); - - return (strcasecmp( oir1->oir_name, oir2->oir_name )); + int i = oir1->oir_name.bv_len - oir2->oir_name.bv_len; + if (i) + return i; + return strcasecmp( oir1->oir_name.bv_val, oir2->oir_name.bv_val ); } static int oc_index_name_cmp( - char *name, - struct oindexrec *oir -) + struct berval *name, + struct oindexrec *oir ) { - assert( oir->oir_name ); - assert( oir->oir_oc ); - - return (strcasecmp( name, oir->oir_name )); + int i = name->bv_len - oir->oir_name.bv_len; + if (i) + return i; + return strncasecmp( name->bv_val, oir->oir_name.bv_val, name->bv_len ); } ObjectClass * oc_find( const char *ocname ) +{ + struct berval bv; + + bv.bv_val = (char *)ocname; + bv.bv_len = strlen( ocname ); + + return( oc_bvfind( &bv ) ); +} + +ObjectClass * +oc_bvfind( struct berval *ocname ) { struct oindexrec *oir; @@ -257,9 +159,6 @@ oc_find( const char *ocname ) (AVL_CMP) oc_index_name_cmp ); if ( oir != NULL ) { - assert( oir->oir_name ); - assert( oir->oir_oc ); - return( oir->oir_oc ); } @@ -270,8 +169,8 @@ static int oc_create_required( ObjectClass *soc, char **attrs, - const char **err -) + int *op, + const char **err ) { char **attrs1; AttributeType *sat; @@ -286,6 +185,9 @@ oc_create_required( *err = *attrs1; return SLAP_SCHERR_ATTR_NOT_FOUND; } + + if( is_at_operational( sat )) (*op)++; + if ( at_find_in_list(sat, soc->soc_required) < 0) { if ( at_append_to_list(sat, &soc->soc_required) ) { *err = *attrs1; @@ -309,8 +211,8 @@ static int oc_create_allowed( ObjectClass *soc, char **attrs, - const char **err -) + int *op, + const char **err ) { char **attrs1; AttributeType *sat; @@ -323,6 +225,9 @@ oc_create_allowed( *err = *attrs1; return SLAP_SCHERR_ATTR_NOT_FOUND; } + + if( is_at_operational( sat )) (*op)++; + if ( at_find_in_list(sat, soc->soc_required) < 0 && at_find_in_list(sat, soc->soc_allowed) < 0 ) { if ( at_append_to_list(sat, &soc->soc_allowed) ) { @@ -339,30 +244,30 @@ oc_create_allowed( static int oc_add_sups( ObjectClass *soc, - char **sups, - const char **err -) + char **sups, + int *op, + const char **err ) { int code; ObjectClass *soc1; int nsups; - char **sups1; + char **sups1; int add_sups = 0; if ( sups ) { if ( !soc->soc_sups ) { /* We are at the first recursive level */ add_sups = 1; - nsups = 0; + nsups = 1; sups1 = sups; while ( *sups1 ) { nsups++; sups1++; } - nsups++; soc->soc_sups = (ObjectClass **)ch_calloc(nsups, sizeof(ObjectClass *)); } + nsups = 0; sups1 = sups; while ( *sups1 ) { @@ -372,27 +277,57 @@ oc_add_sups( return SLAP_SCHERR_CLASS_NOT_FOUND; } - if ( add_sups ) + /* check object class usage + * abstract classes can only sup abstract classes + * structural classes can not sup auxiliary classes + * auxiliary classes can not sup structural classes + */ + if( soc->soc_kind != soc1->soc_kind + && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT ) + { + *err = *sups1; + return SLAP_SCHERR_CLASS_BAD_USAGE; + } + + if( soc->soc_flags & SLAP_OC_OPERATIONAL ) (*op)++; + + if ( add_sups ) { soc->soc_sups[nsups] = soc1; + } + + code = oc_add_sups( soc, soc1->soc_sup_oids, op, err ); + if ( code ) return code; - code = oc_add_sups(soc,soc1->soc_sup_oids, err); - if ( code ) - return code; + code = oc_create_required( soc, soc1->soc_at_oids_must, op, err ); + if ( code ) return code; - code = oc_create_required(soc,soc1->soc_at_oids_must,err); - if ( code ) - return code; - code = oc_create_allowed(soc,soc1->soc_at_oids_may,err); - if ( code ) - return code; + code = oc_create_allowed( soc, soc1->soc_at_oids_may, op, err ); + if ( code ) return code; nsups++; sups1++; } } + return 0; } +void +oc_destroy( void ) +{ + ObjectClass *o, *n; + + avl_free(oc_index, ldap_memfree); + for (o=oc_list; o; o=n) + { + n = o->soc_next; + if (o->soc_sups) ldap_memfree(o->soc_sups); + if (o->soc_required) ldap_memfree(o->soc_required); + if (o->soc_allowed) ldap_memfree(o->soc_allowed); + ldap_objectclass_free((LDAPObjectClass *)o); + } +} + static int oc_insert( ObjectClass *soc, @@ -412,10 +347,11 @@ oc_insert( if ( soc->soc_oid ) { oir = (struct oindexrec *) ch_calloc( 1, sizeof(struct oindexrec) ); - oir->oir_name = soc->soc_oid; + oir->oir_name.bv_val = soc->soc_oid; + oir->oir_name.bv_len = strlen( soc->soc_oid ); oir->oir_oc = soc; - assert( oir->oir_name ); + assert( oir->oir_name.bv_val ); assert( oir->oir_oc ); if ( avl_insert( &oc_index, (caddr_t) oir, @@ -423,23 +359,23 @@ oc_insert( (AVL_DUP) avl_dup_error ) ) { *err = soc->soc_oid; - ldap_memfree(oir->oir_name); ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } /* FIX: temporal consistency check */ - assert( oc_find(oir->oir_name) != NULL ); + assert( oc_bvfind(&oir->oir_name) != NULL ); } if ( (names = soc->soc_names) ) { while ( *names ) { oir = (struct oindexrec *) ch_calloc( 1, sizeof(struct oindexrec) ); - oir->oir_name = ch_strdup(*names); + oir->oir_name.bv_val = *names; + oir->oir_name.bv_len = strlen( *names ); oir->oir_oc = soc; - assert( oir->oir_name ); + assert( oir->oir_name.bv_val ); assert( oir->oir_oc ); if ( avl_insert( &oc_index, (caddr_t) oir, @@ -447,13 +383,12 @@ oc_insert( (AVL_DUP) avl_dup_error ) ) { *err = *names; - ldap_memfree(oir->oir_name); ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } /* FIX: temporal consistency check */ - assert( oc_find(oir->oir_name) != NULL ); + assert( oc_bvfind(&oir->oir_name) != NULL ); names++; } @@ -464,21 +399,61 @@ oc_insert( int oc_add( - LDAP_OBJECT_CLASS *oc, + LDAPObjectClass *oc, + int user, const char **err ) { ObjectClass *soc; int code; + int op = 0; + + if ( oc->oc_names != NULL ) { + int i; + + for( i=0; oc->oc_names[i]; i++ ) { + if( !slap_valid_descr( oc->oc_names[i] ) ) { + return SLAP_SCHERR_BAD_DESCR; + } + } + } + + if ( !OID_LEADCHAR( oc->oc_oid[0] )) { + /* Expand OID macros */ + char *oid = oidm_find( oc->oc_oid ); + if ( !oid ) { + *err = oc->oc_oid; + return SLAP_SCHERR_OIDM; + } + if ( oid != oc->oc_oid ) { + ldap_memfree( oc->oc_oid ); + oc->oc_oid = oid; + } + } soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) ); - memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS)); - if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 ) - return code; - if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 ) - return code; - if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 ) - return code; + AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) ); + + if( soc->soc_sup_oids == NULL && + soc->soc_kind == LDAP_SCHEMA_STRUCTURAL ) + { + /* structural object classes implicitly inherit from 'top' */ + static char *top_oids[] = { SLAPD_TOP_OID, NULL }; + code = oc_add_sups( soc, top_oids, &op, err ); + } else { + code = oc_add_sups( soc, soc->soc_sup_oids, &op, err ); + } + + if ( code != 0 ) return code; + + code = oc_create_required( soc, soc->soc_at_oids_must, &op, err ); + if ( code != 0 ) return code; + + code = oc_create_allowed( soc, soc->soc_at_oids_may, &op, err ); + if ( code != 0 ) return code; + + if( user && op ) return SLAP_SCHERR_CLASS_BAD_SUP; + code = oc_insert(soc,err); return code; } @@ -516,31 +491,26 @@ oc_print( ObjectClass *oc ) int oc_schema_info( Entry *e ) { - struct berval val; - struct berval *vals[2]; + struct berval vals[2]; ObjectClass *oc; -#ifdef SLAPD_SCHEMA_NOT_COMPAT AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses; -#else - char *ad_objectClasses = "objectClasses"; -#endif - vals[0] = &val; - vals[1] = NULL; + vals[1].bv_val = NULL; for ( oc = oc_list; oc; oc = oc->soc_next ) { - val.bv_val = ldap_objectclass2str( &oc->soc_oclass ); - if ( val.bv_val == NULL ) { + if ( ldap_objectclass2bv( &oc->soc_oclass, vals ) == NULL ) { return -1; } - val.bv_len = strlen( val.bv_val ); + + if( oc->soc_flags & SLAP_OC_HIDE ) continue; + #if 0 Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n", - (long) val.bv_len, val.bv_val, 0 ); + (long) vals[0].bv_len, vals[0].bv_val, 0 ); #endif attr_merge( e, ad_objectClasses, vals ); - ldap_memfree( val.bv_val ); + ldap_memfree( vals[0].bv_val ); } return 0; }